What should you recommend for each threat?
HOTSPOT You need to recommend remediation actions for the Azure Defender alerts for Fabrikam. What should you recommend for each threat? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. View AnswerAnswer:
What should you include in the query?
Topic 3, Misc. Questions You plan to create a custom Azure Sentinel query that will track anomalous Azure Active Directory (Azure AD) sign-in activity and present the activity as a time chart aggregated by day. You need to create a query that will be used to display the time chart....
Which policy should you modify?
You need to modify the anomaly detection policy settings to meet the Cloud App Security requirements. Which policy should you modify?A . Activity from suspicious IP addressesB . Activity from anonymous IP addressesC . Impossible travelD . Risky sign-inView AnswerAnswer: C Explanation: Explanation: https://docs.microsoft.com/en-us/cloud-app-security/anomaly-detection-policy
What should you do when you create the rule?
You need to create the test rule to meet the Azure Sentinel requirements. What should you do when you create the rule?A . From Set rule logic, turn off suppression.B . From Analytics rule details, configure the tactics.C . From Set rule logic, map the entities.D . From Analytics rule...
The issue for which team can be resolved by using Microsoft Defender for Endpoint?
The issue for which team can be resolved by using Microsoft Defender for Endpoint?A . executiveB . salesC . marketingView AnswerAnswer: B Explanation: Explanation: https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/microsoft- defender-atp-ios
What should you configure first?
You need to implement the Azure Information Protection requirements. What should you configure first?A . Device health and compliance reports settings in Microsoft Defender Security CenterB . scanner clusters in Azure Information Protection from the Azure portalC . content scan jobs in Azure Information Protection from the Azure portalD ....
What should you do?
HOTSPOT You need to create the analytics rule to meet the Azure Sentinel requirements. What should you do? To answer, select the appropriate options in the answer area. NOTE: Each correct selection is worth one point. View AnswerAnswer:
What should you include in the recommendation?
You need to recommend a solution to meet the technical requirements for the Azure virtual machines. What should you include in the recommendation?A . just-in-time (JIT) accessB . Azure DefenderC . Azure FirewallD . Azure Application GatewayView AnswerAnswer: B Explanation: Explanation: https://docs.microsoft.com/en-us/azure/security-center/azure-defender
The issue for which team can be resolved by using Microsoft Defender for Office 365?
Topic 1, Contoso Ltd Case study This is a case study. Case studies are not timed separately. You can use as much exam time as you would like to complete each case. However, there may be additional case studies and sections on this exam. You must manage your time to...
Which role should you assign to SecAdmin1?
You have a Microsoft 365 subscription that uses Azure Defender. You have 100 virtual machines in a resource group named RG1. You assign the Security Admin roles to a new user named SecAdmin1. You need to ensure that SecAdmin1 can apply quick fixes to the virtual machines by using Azure...